package com.chey.config;

import com.chey.util.RedisCache;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authorization.AuthorizationDecision;
import org.springframework.security.authorization.AuthorizationManager;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.web.access.intercept.RequestAuthorizationContext;
import org.springframework.stereotype.Component;

import java.util.List;
import java.util.function.Supplier;

/**
 * @author JanYao
 * @version 0.1
 */
@Component("securityRuler")
public class SecurityRuler implements AuthorizationManager<RequestAuthorizationContext> {

    @Autowired
    private RedisCache redisCache;
    @Override
    public AuthorizationDecision check(Supplier<Authentication> authentication, RequestAuthorizationContext object) {



        boolean flag=false;
        String str=object.getRequest().getRequestURI();
        System.out.println(str);
        SimpleGrantedAuthority sga=new SimpleGrantedAuthority(str);
        System.out.println("规则后"+authentication.get());


//        flag=authentication.get().getAuthorities().contains(sga);
        for (GrantedAuthority authority : authentication.get().getAuthorities()) {
            System.out.println("authority:"+authority.getAuthority());
            if (str.contains(authority.getAuthority())){
                flag=true;
                break;
            }
        }

        System.out.println("url:"+str+"========>"+flag);
        return new AuthorizationDecision(flag);
    }
}
